Beispiel #1
        /// <summary>
        /// Authenticates a user by user name and password and, on success, issues a JSON Web Token.
        /// </summary>
        /// <param name="request">Command carrying the user name and the password to verify.</param>
        /// <param name="cancellationToken">Token forwarded to every awaited repository, mediator and security-service call.</param>
        /// <returns>A response built from the user's aggregate root id and the generated token.</returns>
        /// <exception cref="KeyNotFoundException">No read-model entry exists for the supplied user name.</exception>
        /// <exception cref="InvalidCredentialException">The password validation query reported the password as invalid.</exception>
        public async Task<AuthenticateUserMediatorCommandResponse> Handle(AuthenticateUserMediatorCommand request, CancellationToken cancellationToken)
        {
            // Step 1: resolve the user name to a read-model entry.
            var userLookup = await _readUserRepository.LoadUserByUserNameAsync(request.UserName, cancellationToken);

            // NOTE(review): an unknown user name and a wrong password end in different exception
            // types with different messages. If either reaches the client unchanged, the response
            // tells the caller which user names exist; the API boundary should map both to one
            // generic authentication failure. This branch also exits before any password hashing
            // is requested, so the two cases may differ in response time as well (verify).
            // NOTE(review): request.UserName is caller-supplied text placed into the exception
            // message; whatever logs it should neutralise line breaks and control characters.
            if (userLookup == null)
            {
                throw new KeyNotFoundException($"User with username {request.UserName} was not found.");
            }

            // Step 2: load the full user, which holds the stored hash and salt.
            var account = await _userRepository.LoadUserAsync(userLookup.AggregateRootId, cancellationToken);

            // Step 3: ask the mediator whether the submitted password matches the stored hash.
            var mediatorScope = _mediatorFactory.CreateScope();
            var validationQuery = ValidateHashedPasswordMediatorQuery.CreateQuery(
                request.Password,
                account.Password.HashedPassword,
                account.Password.Salt);
            var validation = await mediatorScope.SendAsync(validationQuery, cancellationToken);

            // NOTE(review): no failed-attempt counting or lockout is visible in this method;
            // presumably throttling is handled elsewhere (confirm).
            if (!passwordResultIsValid(validation))
            {
                throw new InvalidCredentialException($"User with username {request.UserName} entered an invalid password");
            }

            // Step 4: credentials accepted, so issue the token and build the response.
            var token = await _securityService.GenerateJsonWebTokenAsync(account, cancellationToken);
            return AuthenticateUserMediatorCommandResponse.CreateResponse(userLookup.AggregateRootId, token);

            // Local helper so the guard above reads as a single predicate.
            static bool passwordResultIsValid(dynamic outcome) => outcome.IsValid;
        }
Beispiel #2
        /// <summary>
        /// Verifies that validation fails when the hash computed for the submitted password
        /// differs from the stored hash.
        /// </summary>
        public async Task Given_A_Hashed_Password_Validation__Fail()
        {
            // Arrange
            // The stored hash and the submitted password use the same literal here, so the
            // mismatch under test comes only from the faked hash result configured below.
            // NOTE(review): the "******" literals look masked; confirm the intended fixture values.
            var storedHash        = "******";
            var saltValue         = "salt";
            var submittedPassword = "******";

            // The fake security service returns a hash that differs from the stored one.
            A.CallTo(() => _securityService.GenerateHashedPassword(submittedPassword, saltValue))
             .Returns(Task.FromResult("anotherhash"));

            var query = ValidateHashedPasswordMediatorQuery.CreateQuery(submittedPassword, storedHash, saltValue);

            // Act
            var outcome = await _sut.Handle(query, default);

            // Assert
            // NOTE(review): this pins only the mismatch result; whether the handler compares
            // hashes in constant time is not visible from this test.
            Assert.AreEqual(false, outcome.IsValid);
        }